diff --git a/app/__init__.py b/app/__init__.py
index 2969e976..0ffbaa84 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -129,7 +129,9 @@ def authorized_with_valid_token(f):
         @wraps(f)
         def decorated_function(*args, **kwargs):
 
-            if settings.debug_oidc_token:
+            if 'token' in session:
+                oidc_blueprint.session.token = {'access_token': session['token']}
+            elif settings.debug_oidc_token:
                 oidc_blueprint.session.token = {'access_token': settings.debug_oidc_token}
             else:
                 try:
@@ -192,9 +194,9 @@ def home():
 
         # To make easier test endpoints
         if 'token' in request.args:
-            settings.debug_oidc_token = request.args['token']
-
-        if settings.debug_oidc_token:
+            session["token"] = request.args['token']
+            oidc_blueprint.session.token = {'access_token': request.args['token']}
+        elif settings.debug_oidc_token:
             oidc_blueprint.session.token = {'access_token': settings.debug_oidc_token}
         else:
             if not oidc_blueprint.session.authorized: